It would be funnier if it weren’t so true.
Photograph: UPI /Landov / Barcroft Media

The current state of the US and UK governments’ ass-backwards approach to cybersecurity was on full display this week – culminating with British Prime Minister David Cameron and President Obama meeting to discuss the issue at the White House on Friday. When it comes to cybersecurity, it seems the UK and US want to embrace every crazy idea except what we know actually works.

Less than 24 hours before Cameron-Obama the meeting, the Guardian published a secret report based on previously unreleased Snowden documents showing that the US government is fully aware that encryption is vital for security, and that the government risked leaving themselves vulnerable if they didn’t start implementing it on their own systems quicker. The British government likely knows this too: many of their employees use email encryption; and UK even recommend citizens use encryption to protect their data on a government website.

At the press conference after the meeting, Obama commendably didn’t embrace Cameron’s proposal when asked about it, and even Cameron seemed to at least appear to back off his own anti-encryption proclamation, saying he’s “not trying to enunciate some new doctrine.”

Part of the Obama administration’s proposal would dramatically expand the Computer Fraud and Abuse Act, the oft-abused and notorious statute that the Justice Department used to threaten the late Internet activist Aaron Swartz with 35 years in jail. (Aaron later took his own life while awaiting trial.) The CFAA already has incredibly harsh penalties, so much so that there’s been a movement for years to reduce them. And how the administration thinks increasing CFAA penalties is going to worry either North Korean hackers or ISIS sympathizers (or more likely pranksters) who take advantage of negligent password practices is anyone’s guess.

It would also put countless security researchers at further risk of prosecution, the exact type of people the government should consulting with before making these ill-thought proposals, not driving underground.

So, Congress and Obama seem to be finally on the same page about something: harsher penalties that won’t reach the hackers they were worried about and invasive “info-sharing” that doesn’t come close to solving existing problems. God forbid there be a full rebirth of the US-UK relationship, or that both sides of the Atlantic seek a full, two-state ban on encryption. Even full government gridlock would be better than that.